Systems and methods for detecting malicious processes on computing devices
US10049214B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Sep 13, 2016 |
| Grant date | Aug 14, 2018 |
| Priority date | — |
| Expiry date | Oct 13, 2036 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/6218
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
The disclosed computer-implemented method for detecting malicious processes on computing devices may include (i) identifying a portion of data on a computing device that is stored in an unrestricted section of memory and accessed by processes while running on the computing device, (ii) allocating a restricted section of memory within the computing device and indicating that the portion of data is located in the restricted section of memory, (iii) detecting an attempt by a process running on the computing device to access the portion of data within the restricted section of memory using an unexpected access method, (iv) determining, based at least in part on the process attempting to access the portion of data within the restricted section of memory using the unexpected access method, that the process is malicious, and (v) performing a security action on the computing device to prevent the malicious process from harming the computing device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.